Page last updated at 10:28 GMT, Friday, 5 December 2008

Who is looking at your medical records?

By Brian Wheeler
Political reporter, BBC News

The idea of people you have never met before leafing through your medical records would make most people a little uneasy.

Jackie Bird
Jackie Bird was alarmed to be told her medical data had been accessed

Even if the people in question are highly qualified health professionals.

With the possible exception of your bank account details, medical histories are the most sensitive - and potentially embarrassing - examples of personal data held by the authorities.

Yet more people than ever before are being allowed access to them - and it is raising serious concerns about confidentiality.

This week, in Scotland, seven BBC journalists were told that their medical records had been inappropriately accessed by a unnamed doctor in Fife through a new central database.

"I wondered why NHS Fife was getting in touch with me and as I read the letter, which was obviously intended to allay fears, the more fearful I became," said newsreader Jackie Bird.

"It was a strange feeling that someone unknown could have accessed my private information."

The doctor, who has not been identified, is facing charges relating to an allegation that he misused access to NHS electronic records.

The records in question were not part of the controversial and much-delayed new NHS computer system, which has previously been the focus of concerns about patient confidentiality, but a little-known new database aimed at improving emergency care.

An Emergency Care Summary is held on a central database so that it can be accessed quickly by out-of-hours doctors and A & E departments.

Public support

A tiny proportion of GP practices have uploaded patient's data on to the system so far but the NHS is working towards compiling a summary for every person in Scotland.

A similar scheme is planned for England, with national roll-out expected to begin in 2009.

Advocates of it say there is public support for data sharing among medical practitioners and patients worried about confidentiality can keep their details off the system.

Is it too much to ask that information about our health is used to benefit future generations?
Mark Walport
Wellcome Trust

In any case, they add, the database just contains basic details such as names, ages, addresses and current medication.

There is, perhaps, more concern about proposals being considered by the NHS in England for patients' entire medical history to be made available to selected researchers.

The Department of Health wants to allow medical researchers to write to people suffering from certain conditions to ask them to take part in medical trials - and to open up everyone's records, with names, addresses and other identifying data removed, for statistical analysis.

Medical records are a potential gold mine for researchers, advocates of the plan say, a massively under-used resource that could be harnessed to fight killer diseases such as cancer in a way that would benefit us all.

'Undermine trust'

Dr Mark Walport, of the Wellcome Institute, recently told the Guardian: "Is it too much to ask that information about our health is used to benefit future generations?"

But Harry Cayton, head of a new watchdog on the use of NHS data, wants more thought to be given to patient confidentiality in the plans.

"When we give our health information to the health service we do it on a basis of trust and we assume our health information will only be used by the people who provide us with care," he told BBC News.

Once you have sent someone's records to The Sun you can not take them back again, whatever the penalties
Harry Cayton
NHS data watchdog

"It will undermine people's trust in the health service if we open up health records to an enormous range of people who may have no duty of care to the person whose records they are looking at."

He is also concerned that private medical information could "get into the wrong hands" under the scheme, which is contained in the proposed NHS constitution.

If people are sent letters without warning asking them take part in clinical trials, it could compromise their privacy, especially if, for example, they have not have told their partner or other family members they have a particular medical condition.

People who live in multi-occupancy homes, such as students, or young people who have not told their parents they are suffering from a particular condition might also be at risk, argued Mr Cayton.

"If people want to take part in research then that's fine, but to assume they somehow have a duty to take part I don't think is necessarily appropriate. I am not sure it is the best way to achieve the outcomes researchers want.

"I am not saying these problems are insurmountable. The evidence is that the public strongly support research but there is also evidence that the public want to be asked."

Tony Blair's son

There is also the danger that rogue researchers or medical staff will sell information in medical records to newspapers, or anyone else with an interest in getting hold of it.

"Once you have sent someone's records to The Sun you can not take them back again, whatever the penalties," says Mr Cayton, who is chairman of the National Information Governance Board for Health and Social Care.

Imagine how much money, he says, someone could have made from selling the medical records of Tony Blair's youngest son, Leo, when he was at the centre of a row over whether he had been given the MMR vaccine.

Leo Blair with father Tony
Will public figures receive special protection?

The government has not ruled out giving special protection to the medical records of MPs and other public figures - their names and addresses have already been removed from the new Contact Point child protection database.

But that, argues Mr Cayton, would undermine confidence in the system still further.

"If it is not good enough for everybody, then it is not good enough for anybody. Some people's records should not be more confidential than others.

"If they say confidentiality is 100% safe, then it should be the same whether you are a celebrity, a politician, a doctor, a nurse or an ordinary member of the public. That is essential if you want the public to have confidence in the system."

'Safe havens'

Dr Walport argues that confidential medical records already flow freely around the NHS - and it is down to medical secretaries, who take down dictation from doctors, and other members of staff to keep them confidential, something which is instilled into them in training.

He is also backing a separate government plan to give researchers access to data from medical records, with the names, addresses and other identifying data removed, which is being proposed as part of a broader plan to increase data sharing between government departments and agencies.

In a review of the data sharing plans, Dr Walport and the Information Commissioner, Richard Thomas, called for the setting up of electronic "safe havens" for medical researchers where the risk of identifying individuals from statistical data can be kept to a minimum.

Research is one of the main ways the NHS can improve health care
Department of Health

The idea was backed by the government in its official response to the review, with the health department saying it wanted to follow the lead of the Office for National Statistics, which allows researchers, including pre-vetted PhD students, to see unpublished economic data gathered from companies and individuals .

The data is "anonymised" and researchers are vetted by a committee, the Microdata Release Panel, before being allowed to access it on a remote computer terminal called the Virtual Microdata Laboratory (VML).

But the system, like any large database, is not foolproof. In April this year, the VML in London had to be closed for about six weeks after security flaws were discovered, which would have allowed unscrupulous researchers to work out the identity of individual companies from the anonymous data held on the system.


The ONS said there was no evidence that anyone had tried to do this or even knew about the potential loophole. It was discovered during routine checks ahead of an office move and the fact that it had been identified and fixed demonstrated the organisation's commitment to security, a spokesman said.

Doctor and patient
Should access be restricted to your own GP?

The Department of Health wants to set up its own "safe havens" for "approved researchers" and is in the process of consulting on guidelines to prevent personal and confidential medical information from being identified by them.

A Health Department spokesman said: "Research is one of the main ways the NHS can improve health care. We are committed to improving support for clinical research. DH welcomes the research recommendations in the data sharing review.

"We want to make it easier for everyone to find out about research.

"Patients tell us that they want to take part in research which is relevant to them and we are taking steps to provide appropriate opportunities whilst safeguarding against breaches of patient confidentiality and ensuring patient consent is obtained in line with the Data Protection Act."

As with most debates about data security, the two sides appear to be poles apart.

Many critics are fundamentally opposed to holding personal details on huge central databases at all, arguing that they can never be fully secure.

But medical practitioners are likely to see the risk of an occasional security breach as a price worth paying to gain an advantage in the war on disease or to improve patient care.

It will be down to the government, in the end, to decide who is right.

Print Sponsor

TV presenters in NHS data fears
03 Dec 08 |  Edinburgh, East and Fife
'Private and confidential'
03 Dec 08 |  North East/N Isles
Plea over NHS patient info plans
15 Nov 05 |  Scotland

The BBC is not responsible for the content of external internet sites

Has China's housing bubble burst?
How the world's oldest clove tree defied an empire
Why Royal Ballet principal Sergei Polunin quit


Sign in

BBC navigation

Copyright © 2020 BBC. The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.

Americas Africa Europe Middle East South Asia Asia Pacific